5-14 C3

manojampalam · manojampalam · commit 03c8d962d781 · 2016-05-14T18:34:54.000-07:00
diff --git a/contrib/win32/openssh/ssh-agent.vcxproj b/contrib/win32/openssh/ssh-agent.vcxproj
@@ -211,6 +211,8 @@
     <ClCompile Include="$(OpenSSH-Src-Path)\contrib\win32\win32compat\ssh-agent\connection.c" />
     <ClCompile Include="$(OpenSSH-Src-Path)\contrib\win32\win32compat\ssh-agent\keyagent-request.c" />
     <ClCompile Include="$(OpenSSH-Src-Path)\contrib\win32\win32compat\ssh-agent\pubkeyagent-request.c" />
+    <ClCompile Include="..\..\..\auth-options.c" />
+    <ClCompile Include="..\..\..\auth2-pubkey.c" />
   </ItemGroup>
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
   <ImportGroup Label="ExtensionTargets">
diff --git a/contrib/win32/win32compat/ssh-agent/agentconfig.c b/contrib/win32/win32compat/ssh-agent/agentconfig.c
@@ -50,7 +50,6 @@ static int use_privsep = -1;
 Buffer cfg;
 ServerOptions options;
 struct passwd *privsep_pw = NULL;
-char *forced_command = NULL;
 static char *config_file_name = _PATH_SERVER_CONFIG_FILE;
 
 int	 auth2_methods_valid(const char * c, int i) {
@@ -107,4 +106,18 @@ int load_config() {
 
 int config_log_level() {
 	return options.log_level;
+}
+
+int pubkey_allowed(struct sshkey* pubkey, wchar_t* wuser, wchar_t* wuser_home) {
+	struct passwd pw;
+	char user[256], user_home[MAX_PATH];
+	memset(&pw, 0, sizeof(pw));
+
+	if (WideCharToMultiByte(CP_UTF8, 0, wuser, -1, user, 256, NULL, NULL) == 0)
+		return 0;
+	/* BUG - pw structure is assumed to be filled with unicode strings by expand_authorized_keys()*/
+	//WideCharToMultiByte(CP_UTF8, 0, wuser_home, -1, user_home, MAX_PATH, NULL, NULL);
+	pw.pw_dir = wuser_home;
+	pw.pw_name = user;
+	return user_key_allowed(&pw, pubkey, 1);
 }
diff --git a/contrib/win32/win32compat/ssh-agent/authagent-request.c b/contrib/win32/win32compat/ssh-agent/authagent-request.c
@@ -29,11 +29,11 @@
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 
-#define WIN32_NO_STATUS
+#define UMDF_USING_NTSTATUS 
 #include <Windows.h>
-#undef WIN32_NO_STATUS
 #include <Ntsecapi.h>
 #include <ntstatus.h>
+#include <Shlobj.h>
 #include "agent.h"
 #include "agent-request.h"
 #include "key.h"
@@ -170,7 +170,9 @@ int process_authagent_request(struct sshbuf* request, struct sshbuf* response, s
 	}
 
 	if (key_verify(key, sig, sig_len, blob, blob_len) != 1 ||
-	    (token = generate_user_token(wuser)) == 0 || 
+	    (token = generate_user_token(wuser)) == 0 ||
+	    SHGetKnownFolderPath(&FOLDERID_Profile, 0, token, &wuser_home) != S_OK ||
+	    pubkey_allowed(key, wuser, wuser_home) != 1 ||
 	    (FALSE == GetNamedPipeClientProcessId(con->connection, &client_pid)) ||
 	    ( (client_proc = OpenProcess(PROCESS_DUP_HANDLE, FALSE, client_pid)) == NULL) ||
 	    (FALSE == DuplicateHandle(GetCurrentProcess(), token, client_proc, &dup_token, TOKEN_QUERY | TOKEN_IMPERSONATE, FALSE, DUPLICATE_SAME_ACCESS)) ||
